From e6aa648d54f076c5c75d45bcd7658d502b701982 Mon Sep 17 00:00:00 2001
From: raja-grewal <rg_public@proton.me>
Date: Fri, 21 Nov 2025 12:36:32 +0000
Subject: [PATCH] Update docs on CPU MSR disabling

---
 .../30_security-misc_disable.conf#security-misc-shared        | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared b/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared
index c2eba36..2f30779 100644
--- a/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared
+++ b/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared
@@ -232,8 +232,10 @@ install sctp_diag /usr/bin/disabled-network-by-security-misc
 install hamradio /usr/bin/disabled-miscellaneous-by-security-misc
 
 ## CPU Model-Specific Registers (MSRs):
-## Disable CPU MSRs as they can be abused to write to arbitrary memory.
+## Can disable CPU MSRs as they can be abused to write to arbitrary memory.
 ##
+## https://en.wikipedia.org/wiki/Model-specific_register
+## https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/reading-writing-msrs-in-linux.html
 ## https://security.stackexchange.com/questions/119712/methods-root-can-use-to-elevate-itself-to-kernel-mode
 ## https://github.com/Kicksecure/security-misc/issues/215
 ##